Hello
Is it correct to assume that if my dissector use the tcp_dissect_pdus to
reassemble my protocol, I have to start the capture before the TCP
connection is established?
I'm thinking that if I start the capture after the TCP reassembly module
will call my getlength function with the first "TCP
hl(tvb,offset+MPI_LENGTH_INDEX) + MPI_HEADER_SIZE;
>
> return length ;
> }
>
> But I get exactly the same result.
> The length returned is the same as before and seems correct to me...
>
> Thx
> Fabien
>
>
>> Hi fab12,
>>
>> On Fri, Dec 09, 2011 at
before and seems correct to me...
Thx
Fabien
> Hi fab12,
>
> On Fri, Dec 09, 2011 at 08:25:12AM +0100, fa...@freesurf.fr wrote:
>> Hello,
>>
>> I am having problem using the tcp_dissect_pdus and hope someone can help
>> me here.
>>
>> The documentat
Hello,
I am having problem using the tcp_dissect_pdus and hope someone can help
me here.
The documentation seems pretty clear to me and I think I am doing what I
am suppose to do:
tcp_dissect_pdus(tvb, pinfo, tree, TRUE, 20,
get_foo_message_len, dissect_foo_packet);
Hello Marcel,
I don't have the solution for your problem but I am basically doing the
same kind of things as you in a plugin dissector.
I do some reassembling probably not in a wireshark standard way and it
seems to work though I think I should have the same problem as you.
In my case the fragmen
I have a example from my plugin if it may help:
unsigned char Ip_Buffer[2000];
/* Get the buffer bytes to decompress */
tvb_memcpy(tvb, Ip_Buffer, (*bitoffset)/8,lgpdubit/8);
/*
* Decompress it:
* Decompressed buffer is output in Op_Buffer,
>
> On Oct 7, 2011, at 1:19 AM, fa...@freesurf.fr wrote:
>
>> Is there any way to send some information to a plugin dissector from the
>> wireshark GUI interface?
>
> What sort of information?
>
Typically a filename + Directory where the the plugin dissector would
write some statistic information.
Hello,
Is there any way to send some information to a plugin dissector from the
wireshark GUI interface?
For instance using a wireshark menu to set some variable that will be
accessible from the plugin.
Or maybe it is possible to add a menu from the plugin?
Thanks
Fabien
_
Thanks for the detailed answer :-)
FYI this is a plugin dissector. I have handled the fact that packets are
dissected
out of order and multiple times.
It seems to work fine though I'm aware that what I do does not really
respect wireshark dev. spirit partly because this is ad hoc proprietary
prot
Hello
I made a dissector that so far is used with capture file generated from
traces by a protocol simulator.
So it is not realtime ethernet sniffering.
In the dissector I am gathering data from the read capture file to
generate a new file
with misc information.
Now I need to name and save this fi
Actually I meant how to access programmatically.
Eventually I found pinfo->fd->num; and for the time
pinfo->fd->rel_ts.secs
pinfo->fd->rel_ts.nsecs
> writes:
>
>> How do I access to the value in the frame number first column in a
>> listview?
> frame.number
>
>> Same question for time column.
>
Hello all,
I have some dummy questions for which I have not been able to find any
answer on the web:
How do I access to the value in the frame number first column in a listview?
Same question for time column.
Also is it possible to change the value in the time column?
Thx for your help
Fabien
Hello,
Is there a way to set the source address column?
I tried something like col_append_fstr(pInfoG->cinfo, 2, sourceadd);
and
pInfoG->src.type=AT_OSI;
pInfoG->src.len=1;
pInfoG->src.data=&sourceadd;
But none work and I can't find any related info on the web about that
Thx
F
> When you receive a fragment, can you tell which PDU it belongs to (1 or
> 2), or does that only become clear after one of the PDUs is reassembled?
>
> If you can identify the PDU ID before reassembly, then the existing
> reassembly code can be made to work, by allocating a separate reassembly
> b
Hi Anders,
I'm not sure the regular reassembling algo presented in README is good for
me because my fragment do not come in sequence.
That is I can receive fragment of packet 2 between 2 fragment of packet 1.
That is why I'm wondering if my algorithm below is correct and especially
the way I use
Hi
I am currently working on a dissector for some proprietary protocol and I
need to do some reassembling of buffer.
I am looking for information on how to handle tvbuff_t API.
I have found this :
http://wireshark.sourcearchive.com/documentation/1.0.0/tvbuff_8h_aa919b43fdba78f4be4a76aa274e6cce.ht
16 matches
Mail list logo
